k8s集群搭建-Kubeadm

准备工作

1、安装vim

yum -y install vim*

2、关闭防火墙

systemctl stop firewalld

systemctl disable firewalld

3、时间校正(系统时间不一致会导致node节点无法加入集群)  

yum install -y ntp
ntpdate cn.pool.ntp.org

4、关闭selinux

sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0

5、关闭swap

vim /etc/fstab

注释/dev/mapper/centos-swap swap swap defaults 0 0

6、将桥接的IPv4流量传递到iptables的链

cat > /etc/sysctl.d/k8s.conf << EOF
   net.bridge.bridge-nf-call-ip6tables = 1
   net.bridge.bridge-nf-call-iptables = 1
   EOF
sysctl --system

所有的节点

1、安装docker

yum -y install wget
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum -y install docker-ce-18.06.1.ce-3.el7
systemctl enable docker && systemctl start docker
docker --version

2、添加阿里云软件源

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

3、安装指定版本1.13.3,以及跳过公钥版本检查,以及解决kubernetes-cni问题,并检查版本,会避免后续很多坑。。。

yum install -y kubelet-1.13.3 kubeadm-1.13.3 kubectl-1.13.3 kubernetes-cni-0.6.0 --nogpgcheck

kubelet --version
kubeadm version

4、启动服务

systemctl enable kubelet.service

master节点

1、初始化

kubeadm init \
--apiserver-advertise-address=xxx.xxx.xx.xx \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.13.3 \
--service-cidr=10.1.0.0/16 \
--pod-network-cidr=10.244.0.0/16

启动成功响应如下:

Your Kubernetes master has initialized successfully!

To start using your cluster...

2、部署Pod网络插件

kubectl apply -f \
https://raw.githubusercontent.com/coreos/flannel/a70459be0084506e4ec919aa1c114638878db11b/Documentation/kube-flannel.yml

3、验证,所有status为running才是成功的

kubectl get pod --all-namespaces

k8s集群搭建-Kubeadm

 

集群加入Node

kubeadm join 192.168.20.14:6443 --token xxx --discovery-token-ca-cert-hash \sha256:xxx

master上获取token(24h有效):或者直接新建

kubeadm token list 
kubeadm token create

master上获取证书的sha256编码hash

openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'

mster节点查看集群内各个节点状态 

k8s集群搭建-Kubeadm

上一篇:字母图形


下一篇:常用Dos命令